Third-party payment-processing service company breached, compromised at least 50,000 accounts

ITworld|March 30, 2012

Visa and MasterCard have confirmed reports from earlier this morning of what analysts call a "massive" data breach at a third-party company both employ to process credit and debit cards for banks and stores.

There is no indication of how the breach happened or consistent reports of its scope.

Krebs reports sources estimating as many as 10 million accounts may be affected, though the damage so far is limited. One service company notified 482 credit unions that are its clients that a total of 56,000 cards were compromised, but that only 876 of the accounts have shown any fraudulent activity, Krebs reported.

Earlier this morning Visa issued a statement acknowledging a breach, but offering few details:

"Visa Inc. is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands. There has been no breach of Visa systems, including its core processing network VisaNet."